Esempio n. 1
0
def create_app(config_name):

    app = Flask(__name__, instance_relative_config=True)
    app.config.from_object(app_config['development'])
    app.config.from_pyfile('config.py')
    Bootstrap(app)

    db.init_app(app)

    login_manager.init_app(app)
    login_manager.login_message = "You must be logged in to access this page."
    login_manager.login_view = "auth.login"

    migrate = Migrate(app, db)

    from my_app import models

    from .admin import admin as admin_blueprint
    app.register_blueprint(admin_blueprint, url_prefix='/admin')

    from .auth import auth as auth_blueprint
    app.register_blueprint(auth_blueprint)

    from .home import home as home_blueprint
    app.register_blueprint(home_blueprint)

    ldap = LDAPConn(app)

    return app
Esempio n. 2
0
    def setUp(self):
        app = flask.Flask(__name__)
        app.config.from_object(__name__)
        app.config.from_envvar('LDAP_SETTINGS', silent=True)
        ldap = LDAPConn(app)

        self.app = app
        self.ldap = ldap
Esempio n. 3
0
    def setUp(self):
        app = flask.Flask(__name__)
        app.config.from_object(__name__)
        app.config.from_envvar('LDAP_SETTINGS', silent=True)
        app.config['LDAP_PORT'] = app.config.get('LDAP_SSL_PORT', 636)
        app.config['LDAP_USE_SSL'] = True
        ldap = LDAPConn(app)

        self.app = app
        self.ldap = ldap
Esempio n. 4
0
class User(LDAPEntry, UserMixin):
    _ldap = LDAPConn(app)

    base_dn = app.config['LDAP_USER_BASEDN']
    object_classes = ['inetOrgPerson']

    name = Attribute('displayName')
    email = Attribute('mail')
    userid = Attribute('uid')
    avatar = Attribute('jpegPhoto')
    last_name = Attribute('sn')
    first_name = Attribute('givenName')
    title = Attribute('title')
    locked = Attribute('nsaccountlock')
    email_alias = Attribute('mailalternateaddress')
    subject_pronoun = Attribute('subjectPronoun')
    object_pronoun = Attribute('objectPronoun')

    def check_password(self, password):
        if self.password is None:
            return False
        return self._ldap.authenticate(self.dn, password)


    # ================================================================
    # Class methods

    @classmethod
    def authenticate(cls, login, password):
        user = User.query.filter('userid: {}'.format(login)).first()

        if user:
            authenticated = user.check_password(password)
        else:
            authenticated = False

        return user, authenticated

    """@classmethod
    def search(cls, keywords):
        criteria = []
        for keyword in keywords.split():
            keyword = '%' + keyword + '%'
            criteria.append(db.or_(
                User.name.ilike(keyword),
                User.email.ilike(keyword),
            ))
        q = reduce(db.and_, criteria)
        return cls.query.filter(q)"""

    @classmethod
    def get_by_id(cls, user_id):
        return User.query.filter('userid: {}'.format(user_id)).first()

    """def check_name(self, name):
Esempio n. 5
0
    def setUp(self):
        app = flask.Flask(__name__)
        app.config.from_object(__name__)
        app.config.from_envvar('LDAP_SETTINGS', silent=True)
        app.config['LDAP_BINDDN'] = None
        app.config['LDAP_SECRET'] = None
        app.config['LDAP_USE_TLS'] = False
        ldap = LDAPConn(app)

        self.app = app
        self.ldap = ldap
Esempio n. 6
0
    def setUp(self):
        app = flask.Flask(__name__)
        app.config.from_object(__name__)
        app.config.from_envvar('LDAP_SETTINGS', silent=True)
        app.config['LDAP_BINDDN'] = None
        app.config['LDAP_SECRET'] = None
        app.config['LDAP_REQUIRE_CERT'] = ssl.CERT_REQUIRED
        ldap = LDAPConn(app)

        self.app = app
        self.ldap = ldap
Esempio n. 7
0
# -*- coding: utf-8 -*-

import logging
from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
app.config.from_pyfile('config.py')
logging.basicConfig(level=app.config['RP_LOGLEVEL'])

ldap = LDAPConn(app)
from fido2.server import RelyingParty
rp = RelyingParty(app.config['RP_HOST'], app.config['RP_NAME'])

from . import views
from . import filters
from . import models
from . import cli
Esempio n. 8
0
# -*- coding: utf-8 -*-

from flask_sqlalchemy import SQLAlchemy
from flask_cors import CORS
from flask_ldapconn import LDAPConn
from flasgger import Swagger
from flask_migrate import Migrate

cors = CORS()
ldap = LDAPConn()
swagger = Swagger()
db = SQLAlchemy()
migrate = Migrate()
Esempio n. 9
0
        config['appconfig']['PREFERRED_URL_SCHEME'] = 'https'
    if not 'ciphers' in config['ssl']:
        config['ssl']['ciphers'] = 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
    if not 'dh_params' in config['ssl']:
        config['ssl']['dh_params'] = '/etc/cteward/dhparams.pem'

app = Flask(config['name'], template_folder='templates')
app.debug = config['debug']
app.secret_key = config['secret']
app.config.update(config['appconfig'])

if 'ldapconfig' in config:
    app.config.update(config['ldapconfig'])
    if not 'LDAP_VERIFY_SSL' in config['ldapconfig'] or config['ldapconfig']['LDAP_VERIFY_SSL']:
        app.config.update({'LDAP_REQUIRE_CERT': ssl.CERT_REQUIRED})
    ldap = LDAPConn(app)

db = SQLAlchemy(app)
oauth = OAuth2Provider(app)

if 'ssl' in config:
    ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
    ssl_context.load_cert_chain(config['ssl']['certfile'],config['ssl']['keyfile'])
    ssl_context.set_ciphers(config['ssl']['ciphers'])
    ssl_context.options |= ssl.OP_CIPHER_SERVER_PREFERENCE
    ssl_context.load_dh_params(config['ssl']['dh_params'])
    # FIXME: missing OCSP stapling
    # FIXME: disable SSL session tickets
else:
    ssl_context = None
Esempio n. 10
0
from six import text_type
from flask import Flask
from flask_redis import FlaskRedis
from flask_ldapconn import LDAPConn

app = Flask('lavatar')
app.config.from_object('lavatar.default_settings')
app.config.from_envvar('LAVATAR_SETTINGS', silent=True)

if not app.debug:
    app.logger.addHandler(logging.StreamHandler())
    app.logger.setLevel(logging.INFO)

redis_store = FlaskRedis(app)
ldap_conn = LDAPConn(app)


class User(ldap_conn.Entry):
    base_dn = app.config['LDAP_USER_BASEDN']
    object_class = app.config['LDAP_USER_OBJECTCLASS']
    if isinstance(app.config['LDAP_USER_ATTR_MAIL'], str):
        app.config['LDAP_USER_ATTR_MAIL'] = [app.config['LDAP_USER_ATTR_MAIL']]
    mail = ldap_conn.Attribute(app.config['LDAP_USER_ATTR_MAIL'][0])
    for i, attr in enumerate(app.config['LDAP_USER_ATTR_MAIL'][1:]):
        exec("mail" + str(i) + "=ldap_conn.Attribute('" + attr + "')")
    photo = ldap_conn.Attribute(app.config['LDAP_USER_ATTR_PHOTO'])


# md5sum thread
def update_md5db_thread():